Jeremy Stanley <fu...@yuggoth.org> writes:

> Yes, this is a much nicer way of rephrasing it, but basically still what
> I said. Turning on HTTPS by default wouldn't be addressing any
> particular user risk, it would simply keep everyone from having to
> discuss and explain it ad nauseam. Much like replacing older hash
> functions for non-security-related checksumming: the potential for
> accidental collisions may not outweigh the engineering effort required
> to update applications or protocols, but the time developers will spend
> having to explain why they're using MD5 or SHA-1 hashes can be orders of
> magnitude greater still.
Yes, this sounds right to me. It sounds like we have a general consensus in this thread that, while changing our default to HTTPS probably won't make anything more secure in practice, we should still do it? If so, I think the next step would be to open a bug with a summary of this discussion. I'm happy to do that, but I'm not sure what package owns this configuration.

-- 
Russ Allbery (r...@debian.org) <https://www.eyrie.org/~eagle/>